Remove telegraf service (replaced with grafana alloy)

2025-05-06 16:04:53 +02:00 · 2025-05-06 16:04:53 +02:00 · 4a853065db
commit 4a853065db
parent 5ad3e9bfe2
6 changed files with 16 additions and 135 deletions
--- a/playbooks/for-ansible-lint.yml
+++ b/playbooks/for-ansible-lint.yml
@ -20,6 +20,7 @@
    - influxdb
    - jellyfin
    - lego
+    - lgtm_stack
    - mailcowdockerized
    - minecraft_2
    - minio
@ -31,7 +32,6 @@
    - synapse
    - tandoor
    - teamspeak_fallback
-    - telegraf
    - tinytinyrss
    - umami
    - vikunja
--- a/playbooks/roles/lgtm_stack/vars/main.yml
+++ b/playbooks/roles/lgtm_stack/vars/main.yml
@ -57,7 +57,10 @@ lgtm_stack_env:
  GF_AUTH_GENERIC_OAUTH_ENABLED: true
  GF_AUTH_GENERIC_OAUTH_NAME: "auth.serguzim.me"
  GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP: true
-  GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "contains(groups, 'Grafana GrafanaAdmins') && 'GrafanaAdmin' || contains(groups, 'Grafana Admins') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'"
+  GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "\
+    contains(groups, 'Grafana GrafanaAdmins') && 'GrafanaAdmin'
+    || contains(groups, 'Grafana Admins') && 'Admin'
+    || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'"
  GF_AUTH_GENERIC_OAUTH_ALLOW_ASSIGN_GRAFANA_ADMIN: true
  GF_AUTH_GENERIC_OAUTH_CLIENT_ID: "{{ opentofu.authentik_data.lgtm_stack.client_id }}"
  GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "{{ opentofu.authentik_data.lgtm_stack.client_secret }}"
@ -101,7 +104,7 @@ lgtm_stack_mimir_yml:
    storage:
      backend: s3
      s3:
-        endpoint: "{{ opentofu.scaleway_data.mimir_blocks.api_endpoint |  regex_replace('^https://', '') }}"
+        endpoint: "{{ opentofu.scaleway_data.mimir_blocks.api_endpoint | regex_replace('^https://', '') }}"
        region: "{{ opentofu.scaleway_data.mimir_blocks.region }}"
        access_key_id: "{{ opentofu.scaleway_data.mimir_blocks.access_key }}"
        secret_access_key: "{{ opentofu.scaleway_data.mimir_blocks.secret_key }}"
@ -149,7 +152,7 @@ lgtm_stack_compose:
        networks:
          apps:
            aliases:
-            - lgtm_stack_alloy
+              - lgtm_stack_alloy
          default:

      mimir:
@ -163,6 +166,6 @@ lgtm_stack_compose:
          default:
          apps:
            aliases:
-            - lgtm_stack_mimir
+              - lgtm_stack_mimir
    volumes:
      grafana-data:
--- a/playbooks/roles/telegraf/tasks/main.yml
+++ b/playbooks/roles/telegraf/tasks/main.yml
@ -1,27 +0,0 @@
---
- name: Set common facts
-  ansible.builtin.import_tasks: tasks/set-default-facts.yml
-
- name: Deploy {{ role_name }}
-  vars:
-    svc: "{{ telegraf_svc }}"
-    env: "{{ telegraf_env }}"
-    compose: "{{ telegraf_compose }}"
-  block:
-    - name: Import prepare tasks for common service
-      ansible.builtin.import_tasks: tasks/prepare-common-service.yml
-
-    - name: Template config
-      ansible.builtin.template:
-        src: telegraf.conf.j2
-        dest: "{{ (service_path, 'telegraf.conf') | path_join }}"
-        mode: "0664"
-      register: cmd_result
-
-    - name: Set the docker force-recreate flag
-      ansible.builtin.set_fact:
-        docker_force_recreate: --force-recreate
-      when: cmd_result.changed # noqa: no-handler We need to handle the restart per service. Handlers don't support variables.
-
-    - name: Import start tasks for common service
-      ansible.builtin.import_tasks: tasks/start-common-service.yml
--- a/playbooks/roles/telegraf/templates/telegraf.conf.j2
+++ b/playbooks/roles/telegraf/templates/telegraf.conf.j2
@ -1,54 +0,0 @@
-[agent]
-  interval = "60s"
-  round_interval = true
-  metric_batch_size = 1000
-  metric_buffer_limit = 10000
-  collection_jitter = "0s"
-  flush_interval = "10s"
-  flush_jitter = "0s"
-  precision = ""
-  hostname = "{{ inventory_hostname }}"
-  omit_hostname = false
-
-[[outputs.influxdb_v2]]
-  urls = ["{{ svc.influxdb.url }}"]
-  token = "{{ svc.influxdb.token }}"
-  organization = "{{ svc.influxdb.organization }}"
-  bucket = "{{ svc.influxdb.bucket }}"
-
-[[inputs.prometheus]]
-  urls = [
-  {%- for host_data in opentofu.hosts.values() -%}
-    "https://{{ host_data.fqdn_vpn }}:2019/metrics",
-  {%- endfor -%}
-  ]
-
-[[inputs.prometheus]]
-  urls = [
-  {%- for url in svc.prometheus_unprotected.urls -%}
-    "{{ url }}",
-  {%- endfor -%}
-  ]
-
-[[inputs.prometheus]]
-  urls = [
-  {%- for url in svc.prometheus_protected.urls -%}
-    "{{ url }}",
-  {%- endfor -%}
-  ]
-
-  bearer_token_string = "{{ svc.prometheus_protected.bearer_token }}"
-
-[[inputs.postgresql]]
-  address = "postgres://{{ svc.postgresql.user }}:{{ svc.postgresql.pass }}@{{ svc.postgresql.host }}:{{ svc.postgresql.port }}/{{ svc.postgresql.database }}?sslmode=verify-full"
-  ignored_databases = ["postgres", "template0", "template1"]
-  prepared_statements = true
-
-[[inputs.docker_log]]
-  endpoint = "{{ svc.docker_log.endpoint }}"
-
-  docker_label_include = [
-    "com.influxdata.telegraf.enable"
-  ]
-
-  source_tag = {{ svc.docker_log.source_tag|lower }}
--- a/playbooks/roles/telegraf/vars/main.yml
+++ b/playbooks/roles/telegraf/vars/main.yml
@ -1,42 +0,0 @@
---
-telegraf_svc:
-  influxdb:
-    url: https://tick.serguzim.me
-    token: "{{ vault_telegraf.influxdb_token }}"
-    organization: serguzim.net
-    bucket: metrics
-  prometheus_unprotected:
-    urls:
-      - https://matrix.serguzim.me/_synapse/metrics
-      - https://push.serguzim.me/metrics
-      - https://tick.serguzim.me/metrics
-      - https://todo.serguzim.me/api/v1/metrics
-  prometheus_protected:
-    urls:
-      - https://ci.serguzim.me/metrics
-      - https://git.serguzim.me/metrics
-    bearer_token: "{{ vault_metrics_token }}"
-  postgresql:
-    host: "{{ postgres.host }}"
-    port: "{{ postgres.port }}"
-    user: "{{ opentofu.postgresql_data.telegraf.user }}"
-    pass: "{{ opentofu.postgresql_data.telegraf.pass }}"
-    database: "{{ opentofu.postgresql_data.telegraf.database }}"
-  docker_log:
-    endpoint: unix:///var/run/docker.sock
-    source_tag: false
-
-telegraf_compose:
-  watchtower: false
-  image: telegraf:1.28
-  volumes:
-    - /var/run/docker.sock:/var/run/docker.sock
-    - ./telegraf.conf:/etc/telegraf/telegraf.conf:ro
-  file:
-    services:
-      app:
-        user: telegraf
-        group_add:
-          - "972" # docker group on host
-    volumes:
-      data:
--- a/services.auto.tfvars
+++ b/services.auto.tfvars
@ -427,6 +427,14 @@ services = {
        vpn = true
      }
    ]
+    monitoring = {
+      url = "/api/health"
+      group = "7-support"
+      conditions = [
+        "DEFAULT",
+        "[BODY].database == ok"
+      ]
+    }
    auth = true
    auth_redirects = ["https://monitoring.serguzim.me/login/generic_oauth"]
    database = true
@ -701,13 +709,6 @@ services = {
    s3 = false
  }

-  "telegraf" = {
-    host = "node001"
-    auth = false
-    database = true
-    s3 = false
-  },
-
  "tinytinyrss" = {
    host = "node001"
    dns = [{